Commit Graph

60 Commits

Author SHA1 Message Date
Lars Knoll
986cfe312e Port autotest to QRegularExpression
Change-Id: Id632ed191add8beab6a857c4c949cc78e4c5eccf
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2020-03-31 15:28:23 +02:00
Lars Knoll
3af596402a Remove QRegExp usage from QSslCertificate and QSslSocket
Change-Id: I81abe1ab2173af922fa4b5fad58d25fa602c523b
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2020-03-31 15:28:23 +02:00
Mårten Nordheim
8131116896 QSslCertificate: Turn enum into enum class and expand abbreviation
From API review

Change-Id: Id174ff1a0a123585e41723ef1c1876b2f3bd39c5
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2020-03-04 18:36:04 +01:00
Samuel Gaist
49f143e19c QSslCertificate: migrate to QRegularExpression
This is part of the migration of qtbase from QRexExp to
QRegularExpression.

If support for regular expression is disabled, fixed string can
still be used.

[ChangeLog][QtCore][QSslCertificate] Add overload of fromPath that does
not make use of QRegExp and deprecate the QRegExp variant.

Task-number: QTBUG-72587
Change-Id: I507d8941cc7d70166da0948375dc421fe5e7d967
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2020-01-23 16:47:31 +01:00
Timur Pocheptsov
67bbe28d67 tst_qsslcertificate: fix subjectAndIssuerAttributes
Instead of OID as string, OpenSSL returns a human-readable name.
No need to fail then, use such a name in QVERIFY if OID not found.

Fixes: QTBUG-80329
Change-Id: I4392fc9f37367f7c34c05d172db015b44e2a8497
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
2019-11-28 17:12:26 +01:00
Marc Mutz
d2ed1074d0 tests: remove the last uses of Java-style iterators
... except where they are actually the component under test.

Java-style iterators are scheduled for deprecation.

Change-Id: If4399f7f74c5ffc0f7e65205e422edfa1d908ee8
Reviewed-by: Lars Knoll <lars.knoll@qt.io>
2019-06-13 09:40:26 +02:00
Timur Pocheptsov
ef840bef5c SecureTransport - make 'securetransport' feature public
Given the current feature disparity, it makes sense to give our users
ability to detect if they can use some feature or not in their application
code, using our 'modern' QT_CONFIG(securetransport). Accordingly, use this
new syntax in our own auto-tests.

Change-Id: Ib33b03e7e602e9f8b0db8251377c89dbaada1049
Reviewed-by: Mårten Nordheim <marten.nordheim@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-03-07 02:56:21 +00:00
Mårten Nordheim
7cc6f78dd4 Schannel support
Adds support for Schannel, an SSL backend for Windows, as an
alternative to OpenSSL.

[ChangeLog][QtNetwork][Ssl] Added support for Schannel on Desktop
Windows. To build Qt with Schannel support use '-schannel' during
configure.

Task-number: QTBUG-62637
Change-Id: Ic4fb8ed3657dab994f9f4a4ac5cbddc7001a0a46
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2019-01-22 15:19:48 +00:00
Mårten Nordheim
ef242e0b34 OpenSSL 1.1.1: Fix tst_QSslCertificate::toText
The formatting of the output from QSslCertificate::toText has
changed slightly from before, so it no longer matches the test's
data.

From what I can tell we just do a manual sanity check and create
a new file with the new output and then augment the test.

Task-number: QTBUG-67463
Change-Id: I751e5a3f9a28015f97c895cea47384704fd68e38
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2018-05-04 12:57:47 +00:00
Mårten Nordheim
b14934547a Use TESTDATA for QSsl* tests
Apparently this (undocumented) TESTDATA feature creates resource files,
but lets you use wildcards as well, which is very handy.

The reason I didn't know/realize this when adapting the tests to use a
".qrc"-file* was because some of the test-cases were using relative
paths instead of the 'testDataDir' variable.

This commit fixes the remaining uses of relative paths, removes a
usage of QDir::setCurrent, and adapts QSslSocket to use TESTDATA.

* in now-reverted commit e1600c1a73

Change-Id: Iee6d88f1e0810eeaadac90e7d44bc6db84bfeabf
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
Reviewed-by: Jesus Fernandez <Jesus.Fernandez@qt.io>
2018-01-12 11:43:55 +00:00
Mårten Nordheim
21c9b6fc58 QSsl* tests: Ensure trailing slash on directory path
Then we don't need to add a leading slash. (minor clean-up)

Change-Id: I86af224841009fda838e7cb89d47d324963328c9
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-01-09 08:52:46 +00:00
Mårten Nordheim
a5c58d503d Revert "Adapt the QSsl* tests to use the resource system"
This reverts commit e1600c1a73.

The commit missed the fact that TESTDATA exists. Which supports
wildcards and then can automatically pick up new files when added (as
long as they match a wildcard) and then you don't need to maintain a
giant qrc file.

Change-Id: Ie31fadb5ef6e8dfe6105f4f9764292f78cffb512
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2018-01-09 08:52:41 +00:00
Mårten Nordheim
f6684ed043 Skip QSsl* tests which don't work on WinRT
The reason for each is given in the skip. It's mostly about the
server-side encryption, which is unimplemented for WinRT.

Change-Id: I036b95a4526e02fd047e193f2b3c9130bec08144
Reviewed-by: Oliver Wolff <oliver.wolff@qt.io>
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-11-30 08:30:43 +00:00
Mårten Nordheim
e1600c1a73 Adapt the QSsl* tests to use the resource system
This lets the tests run on devices which previously did not have access
to the files used (WinRT, mobile devices).

Change-Id: Ibdd85862eee6ab1a7d4da87ca321ee9bc9880bfa
Reviewed-by: Edward Welbourne <edward.welbourne@qt.io>
2017-11-30 08:30:42 +00:00
Edward Welbourne
b9557296cb Fix crash when reading a PKCS12 file with no private key
The only reason our code wants PKCS12 files is for a private key, but
a valid file needn't contain one; and reading a file without lead to a
crash in QSslKeyPrivate::fromEVP_PKEY().  So check for missing key and
fail the load, since the file is useless to us.  Also ensure the
caller's pkey is initialized, as we aren't promised that
PKCS12_parse() will set it when there is no private key.

Add a test for this case (it crashes without the fix) and update the
instructions for how to generate test data to cover it also.
(Corrected the wording there, too; at the interactive prompt,
"providing no password" really provides an empty password.)

Task-number: QTBUG-62335
Change-Id: I617508b903f6d9dee40d539b7136b0be8bc2c747
Reviewed-by: Timur Pocheptsov <timur.pocheptsov@qt.io>
2017-08-17 06:43:49 +00:00
Jani Heikkinen
f776595cc1 Updated license headers
From Qt 5.7 -> tools & applications are lisenced under GPL v3 with some
exceptions, see
http://blog.qt.io/blog/2016/01/13/new-agreement-with-the-kde-free-qt-foundation/

Updated license headers to use new GPL-EXCEPT header instead of LGPL21 one
(in those files which will be under GPL 3 with exceptions)

Change-Id: I42a473ddc97101492a60b9287d90979d9eb35ae1
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Lars Knoll <lars.knoll@theqtcompany.com>
2016-01-21 18:55:18 +00:00
Friedemann Kleint
240d768ca6 tests/auto/network: Remove some placeholder formatting.
Use QByteArray/QString addition instead in loops and for
test row names.

Change-Id: I7974ace5b34f2da43e7511044e80de1e733245ac
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@theqtcompany.com>
2015-10-19 12:38:28 +00:00
Friedemann Kleint
f0a559f1c8 Tests: Use QCOMPARE() with QLatin1String() for QString values.
Prefer QCOMPARE over QVERIFY for equality and use QLatin1String().

Change-Id: If226a0fc7b25be3e6774c7e36ca1e6f99234e5dd
Reviewed-by: Jędrzej Nowacki <jedrzej.nowacki@theqtcompany.com>
2015-10-14 08:32:42 +00:00
Friedemann Kleint
a2a00eb044 Tests: Fix single-character string literals.
Use character literals where applicable.

Change-Id: I1a026c320079ee5ca6f70be835d5a541deee2dd1
Reviewed-by: Simon Hausmann <simon.hausmann@theqtcompany.com>
2015-10-13 18:14:27 +00:00
Timur Pocheptsov
5bfac9d653 Merge "Merge remote-tracking branch 'origin/5.5' into dev" into refs/staging/dev 2015-08-09 07:06:52 +00:00
Timur Pocheptsov
9861d2bf14 QSslCertificate - skip tests failing with generic QSslCertificatePrivate
SecureTransport does not implement QSslCertificatePrivate thus some
tests relying on generic version fail. Skip them for now.

Change-Id: I483340b37786a8a556e954b2c538e4f48a342be9
Reviewed-by: Morten Johan Sørvig <morten.sorvig@theqtcompany.com>
2015-08-08 22:50:50 +00:00
Frederik Gladhorn
77da617dc8 Merge remote-tracking branch 'origin/5.5' into dev
Conflicts:
	doc/global/qt-cpp-defines.qdocconf
	src/3rdparty/forkfd/forkfd.c
	src/corelib/codecs/qtextcodec.cpp
	src/corelib/kernel/qmetatype.cpp
	src/corelib/tools/qset.qdoc
	src/gui/accessible/qaccessible.cpp
	src/gui/image/qpixmapcache.cpp
	src/opengl/qgl.cpp
	src/tools/qdoc/generator.cpp
	src/widgets/kernel/qwidget.cpp
	tests/auto/widgets/widgets/qcombobox/tst_qcombobox.cpp

Change-Id: I4fbe1fa756a54c6843aa75f4ef70a1069ba7b085
2015-08-06 10:54:01 +02:00
Friedemann Kleint
57dbdcd92f tests/auto/network: Replace Q[TRY]_VERIFY(a == b) by Q[TRY]_COMPARE(a, b).
- Replace Q[TRY]_VERIFY(pointer == 0) by Q[TRY]_VERIFY(!pointer).
- Replace Q[TRY]_VERIFY(smartPointer == 0)  by
          Q[TRY]_VERIFY(smartPointer.isNull()).
- Replace Q[TRY]_VERIFY(a == b) by  Q[TRY]_COMPARE(a, b) and
  add casts where necessary. The values will then be logged
  should a test fail.

Change-Id: Icaa1edafcc6e2779fbd6dbc2c058544d6e07f1e9
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-07-31 04:29:33 +00:00
Jeremy Lainé
d113073203 ssl: add test certificates with DSA and EC keys
The QSslCertificate tests only covered certificates with RSA keys, this
extends the test coverage to DSA and EC keys.

Change-Id: Ibee26f449cf6c1d97cbac6b511972eb44d6f0bd2
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-07-30 11:31:40 +00:00
Friedemann Kleint
c067c012dc Tests: Replace Q[TRY]_VERIFY(v == true|false) by QVERIFY(v)|QVERIFY(!v).
Preparing the replacement of Q[TRY]_VERIFY(a == b) by
Q[TRY]_COMPARE(a, b) for non-boolean types.

Change-Id: Iab6ec2f0a89a3adc79e18304573994965013dab5
Reviewed-by: Mitch Curtis <mitch.curtis@theqtcompany.com>
2015-07-27 12:09:19 +00:00
Jani Heikkinen
83a5694dc2 Update copyright headers
Qt copyrights are now in The Qt Company, so we could update the source
code headers accordingly. In the same go we should also fix the links to
point to qt.io.

Outdated header.LGPL removed (use header.LGPL21 instead)

Old header.LGPL3 renamed to header.LGPL3-COMM to match actual licensing
combination. New header.LGPL-COMM taken in the use file which were
using old header.LGPL3 (src/plugins/platforms/android/extract.cpp)

Added new header.LGPL3 containing Commercial + LGPLv3 + GPLv2 license
combination

Change-Id: I6f49b819a8a20cc4f88b794a8f6726d975e8ffbe
Reviewed-by: Matti Paaso <matti.paaso@theqtcompany.com>
2015-02-11 06:49:51 +00:00
Rainer Keller
668a3a4da1 Autotest: Use QFINDTESTDATA to find test data
Change-Id: Ie6c659f6d8e8b3eeaf2453f0cba6189d56f86581
Reviewed-by: Oliver Wolff <oliver.wolff@theqtcompany.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2015-01-19 15:53:51 +01:00
Alejandro Exojo
f88ab80c8a Use camel case in PKCS#12 function
This makes it follow the coding style, which says to camel case acronyms too,
and makes it consistent with the rest of the class.

Change-Id: I4a1b21de1815530e476fc5aa8a0d41c724fc8021
Reviewed-by: Richard J. Moore <rich@kde.org>
Reviewed-by: hjk <hjk121@nokiamail.com>
2014-11-24 08:50:05 +01:00
Marc Mutz
e8bdc949fc Add qHash(QSslCertificate) overload
qsslsocket_winrt.cpp defined it locally, which runs the risk of
clashes with a potential user-defined qHash(QSslCertificate), so
make it public.

Also, the implementation in qsslsocket_winrt.cpp simply hashed
the handle(), which violates the principle that equal instances
must hash to the same value. Also, for some platforms, the
implementation returns nullptr unconditionally, which, while not
violating the above-mentioned principle, will make all users of
the hash have worst-case complexity.

To calculate a meaningful hash, therefore, the certificate needs
to be inspected deeper than just the handle.

For OpenSSL, we use X509::sha1_hash, which also X509_cmp uses
internally to determine inequality (it checks more stuff, but
if X059::sha1_hash is different, X509_cmp() returns non-zero,
which is sufficient for the purposes of qHash()). sha1_hash may
not be up-to-date, though, so we call X509_cmp to make it valid.
Ugh.

For WinRT/Qt, we use the DER encoding, as that is the native
storage format used in QSslCertificate. This is not equivalent
to the implementation used in qsslsocket_winrt.cpp before, but
since handle() == handle() => toDer() == toDer(), it should not
be a problem.

[ChangeLog][QtNetwork][QSslCertificate] Can now be used as a key in QSet/QHash.

Change-Id: I10858fe648c70fc9535af6913dd3b7f3b2cf0eba
Reviewed-by: Oliver Wolff <oliver.wolff@digia.com>
2014-10-19 07:32:37 +02:00
Matti Paaso
974c210835 Update license headers and add new license files
- Renamed LICENSE.LGPL to LICENSE.LGPLv21
- Added LICENSE.LGPLv3
- Removed LICENSE.GPL

Change-Id: Iec3406e3eb3f133be549092015cefe33d259a3f2
Reviewed-by: Iikka Eklund <iikka.eklund@digia.com>
2014-09-24 12:26:19 +02:00
Jeremy Lainé
070fcf9ce1 ssl: common certificate parser support for extensions
This makes non-OpenSSL backends able to handle to certificate
extensions.

This also converts the Q_OS_WINRT #ifdef's in the unit test to
QT_NO_OPENSSL as the behavior is the same for any non-OpenSSL
backend.

Change-Id: I6a8306dc5c97a659ec96063d5a59cee2ee9a63a9
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-05 14:20:44 +02:00
Jeremy Lainé
f750979b70 ssl: check critical certificate extensions
This adds a test for a QSslCertificate containing extensions which
are marked as critical.

Change-Id: I314e1f5c9943bcad5d43129a97f9f834882dc6fb
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-03 16:10:45 +02:00
Jeremy Lainé
a02d798bbd ssl: tighten QSslCertificateExtension tests
This tightens tests performed on a certificate's extensions by checking
isCritical() and isSupported() for all extensions. It also explicitly
checks the keys when value() returns a QVariantMap.

Change-Id: If51c55be25bbcd09cc3a6712ddfea2bf9a01360f
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-09-03 15:07:49 +02:00
Oliver Wolff
5328ec7e10 winrt: complete QSslCertificate implementation
The native handle and import functions are now available for use in other
parts of the winrt backend.

Change-Id: I07e6f95b3411c3dc7c1a7a164544b18e5e435d01
Reviewed-by: Maurice Kalinowski <maurice.kalinowski@digia.com>
Reviewed-by: Andrew Knight <andrew.knight@digia.com>
2014-08-30 08:20:51 +02:00
Richard J. Moore
1a8788d966 Move the PKCS#12 support from QSslSocket to QSslCertificate.
Discussed with Peter and agreed that it's a slightly better fit there.

Change-Id: If8db777336e2273670a23d75d8542b30c07e0d7b
Reviewed-by: Daniel Molkentin <daniel@molkentin.de>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2014-05-14 11:08:01 +02:00
Frederik Gladhorn
b5552bab40 Merge remote-tracking branch 'origin/stable' into dev
Manually changed enum to LibGL in
    src/plugins/platforms/xcb/qglxintegration.cpp

Change-Id: If34ee6cce3d1d51fb4bb1fdfa59c30389ea0d207
2014-05-13 14:21:22 +02:00
Richard J. Moore
9b1746c499 Add autotest for the QSslCertificate QIODevice constructor.
Change-Id: I92fa083665509932b75ff1037904a6f78a950fd6
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2014-05-06 16:35:56 +02:00
Richard J. Moore
1d6695451f Add an autotest the QSslCertificate::version() method works.
Change-Id: Ife5b7206fd3d7af57cfca3c0f28f56bb53ede7a7
Reviewed-by: Jeremy Lainé <jeremy.laine@m4x.org>
Reviewed-by: Peter Hartmann <phartmann@blackberry.com>
2014-05-06 16:35:56 +02:00
Daniel Molkentin
ae7bbe3400 Provide new API: QSslCertificate::isSelfSigned()
Change-Id: I382a017a0b865b849667301aff8b2f87b676ecc6
Reviewed-by: Richard J. Moore <rich@kde.org>
2014-04-30 01:30:08 +02:00
BogDan Vatra
934afb5c57 Fix loading of SSL certificate of DER files.
DER certificates should not be opened as text files, so we
only pass the QIODevice::Text flag when the format is
QSsl::Pem.

Change-Id: I4bad98023c397b967d5beeec0aaa6c414e06fd9c
Reviewed-by: Richard J. Moore <rich@kde.org>
2013-02-08 17:37:51 +01:00
Sergio Ahumada
48e0c4df23 Update copyright year in Digia's license headers
Change-Id: Ic804938fc352291d011800d21e549c10acac66fb
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
2013-01-18 09:07:35 +01:00
Janne Anttila
0c1bbf0386 SSL certificate printing: Fix auto test for OpenSSL 1.0.1 version.
Different OpenSSL versions  produce slightly different output when
dumping a certificate.

Change-Id: Ida98b24422302e287641be074d6740ca292cf203
Reviewed-by: Richard J. Moore <rich@kde.org>
2012-11-02 03:58:16 +01:00
Iikka Eklund
be15856f61 Change copyrights from Nokia to Digia
Change copyrights and license headers from Nokia to Digia

Change-Id: If1cc974286d29fd01ec6c19dd4719a67f4c3f00e
Reviewed-by: Lars Knoll <lars.knoll@digia.com>
Reviewed-by: Sergio Ahumada <sergio.ahumada@digia.com>
2012-09-22 19:20:11 +02:00
Martin Petersson
6c59cdecee QSslCertificate::fromPath fix wildcard handling
The reqExp used to handle wildcards in the path was broken. So we
always searched the working directory and not the specified path.
Autotest where passing because of a hack used for Windows paths
where we removed the first two chars in the path string.

This fix will not use nativeSeparators thus removing the Windows hack
and fix the regExp to match wildcard chars.

Task-number: QTBUG-23573
Change-Id: I56fadbb67f25b8ce9c0f17cb6232e0bdb9148b1c
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
2012-07-03 01:09:33 +02:00
Mitch Curtis
083af3c319 Fixed unused function warning in qsslcertificate test.
Change-Id: I4d402e486a8ceb965d008056f5f1bcb227f6f40c
Reviewed-by: Martin Petersson <Martin.Petersson@nokia.com>
2012-05-22 10:27:40 +02:00
Richard Moore
0b8021f5cb Change QSslCertificate::toText() to return a QString.
A couple of people reviewing the toText() method (which is new in 5.0)
have said that since the string returned is human readable it should
be a QString not a QByteArray. This change follows their advice.

Change-Id: Ibade9a24870805f7fbe2d299abeb9c6e964f0cf4
Reviewed-by: Girish Ramakrishnan <girish.1.ramakrishnan@nokia.com>
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
2012-05-21 03:10:43 +02:00
Thiago Macieira
dd5b373d41 Change remaining uses of {to,from}Ascii to {to,from}Latin1 [QtNetwork]
This operation should be a no-op anyway, since at this point in time,
the fromAscii and toAscii functions simply call their fromLatin1 and
toLatin1 counterparts.

Task-number: QTBUG-21872
Change-Id: I94cc301ea75cc689bcb6e2d417120cf14e36808d
Reviewed-by: Lars Knoll <lars.knoll@nokia.com>
Reviewed-by: Shane Kearns <shane.kearns@accenture.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2012-05-04 12:46:05 +02:00
Shane Kearns
00821ec710 QSslCertificate - make lazy initialisation thread safe
QSslCertificate can be copied around into multiple threads,
without detaching. For example, the https worker threads inside
QNetworkAccessManager.
There are const methods, which lazily initialise members of
the private class without detaching (i.e. caching results of
expensive function calls)
These functions now lock the d pointer using QMutexPool to
avoid concurrency related crashes.

autotest crashes 20% of the time in release builds without
the fix, passes 100 times in a row with the fix.

Task-number: QTBUG-20452
Change-Id: I64a01af8159216f2dd6215a08669890f6c029ca8
Reviewed-by: Thiago Macieira <thiago.macieira@intel.com>
Reviewed-by: Richard J. Moore <rich@kde.org>
2012-03-06 12:25:22 +01:00
Shane Kearns
3f91cde588 Test for QT_NO_SSL instead of QT_NO_OPENSSL
Change the ifdefs in our own code (except openssl backend) to use the
new configure flag.

Change-Id: I8774734771c66b22164b5fae8fdb27814ac3df7b
Reviewed-by: Richard J. Moore <rich@kde.org>
2012-02-21 15:28:40 +01:00
Kurt Korbatits
20f6dc615a Changed qsslcertificate unittest to work from install directory
- Changed to use TESTDATA and QFINDTESTDATA instead of SRCDIR

Change-Id: I1957ef287ba2f337b5e0b2c6245d872eacb6316f
Reviewed-by: Jason McDonald <jason.mcdonald@nokia.com>
Reviewed-by: Rohan McGovern <rohan.mcgovern@nokia.com>
2012-02-17 05:24:40 +01:00